Move to rootless

To enhance security I moved the Forgejo container to rootless; Port is changed because rootless cant use 22

forgejo/compose.sh

@@ -2,7 +2,7 @@
 
 podman pod create --name=forgejo \
   -p 127.0.0.1:3000:3000 \
-  -p 2222:22
+  -p 2222:2222
 
 # PORTS:
 # - 3000 = WEB
@@ -23,15 +23,15 @@ podman create \
   --pod=forgejo \
   --name=forgejo_forgejo \
   --volume=./data/forgejo:/data:Z \
-  --cap-add=CAP_SYS_CHROOT \
+  -e 'GITEA_APP_INI=/data/gitea/conf/app.ini' \
+  -e 'GITEA_TEMP=/data/gitea/tmp' \
+  -e 'GITEA_CUSTOM=/data/gitea' \
+  -e 'GITEA_WORK_DIR=/app/gitea/gitea' \
   -e 'GITEA__database__DB_TYPE=postgres' \
   -e 'GITEA__database__HOST=localhost' \
   -e 'GITEA__database__NAME=forgejo' \
   -e 'GITEA__database__USER=forgejouser' \
   --env-file=forgejo.env \
-  codeberg.org/forgejo/forgejo:1.19
+  codeberg.org/forgejo/forgejo:1.19-rootless
 
-# -e 'GITEA__database__PASSWD=YOUR_DB_PASSWORD' \
-
-# NOTE:
-# --cap-add exists because of https://codeberg.org/forgejo/forgejo/issues/627
+# -e 'GITEA__database__PASSWD=YOUR_DB_PASSWORD' \